Description:
A vulnerability was reported in Microsoft Internet Explorer. A remote user may be able to cause arbitrary code to be executed on the target user's system.

A remote user can create specially crafted HTML that, when loaded by the target user, will cause arbitrary code to be executed on the target system. The code will run with the privileges of the target user.

HTML that contains certain JavaScript onload() events can trigger the flaw. The vulnerability occurs due to the way that Internet Explorer handles mismatched Document Object Model (DOM) objects. Other events may be affected.

Exploit code is publicly available and malicious software is actively exploiting this vulnerability.

This vulnerability was originally reported by Benjamin Tobias Franz in May 2005 as a denial of service vulnerability. In that report, the following demonstration exploit was provided:

<body onLoad="window()">

Impact:
A remote user can create HTML that, when loaded by the target user, will cause arbitrary code to be executed on the target user's system.
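
Detection example (added here, not part of the original advisory or of any vendor tooling): a content scanner that flags event-handler attributes whose script calls window as a function, the pattern shown in the demonstration above, and that checks every on* attribute because other events may be affected. The names scan_html and HandlerScanner and the sample HTML are constructed for illustration; a hit means the reported pattern is present, not that the page is a working exploit.

```python
import re
from html.parser import HTMLParser

# Heuristic for the reported pattern: the handler script calls the window
# object as if it were a function, e.g. onLoad="window()".
# The lookbehind skips longer identifiers (mywindow) and member calls
# (foo.window); "window.open(...)" never matches because "(" must follow.
WINDOW_CALL = re.compile(r"(?<![\w$.])window\s*\(")


class HandlerScanner(HTMLParser):
    """Collects on* attributes whose value matches WINDOW_CALL."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        line, _col = self.getpos()
        for name, value in attrs:
            # HTMLParser lower-cases attribute names and decodes character
            # references in values, so onLoad and "window&#40;)" are caught.
            if name.startswith("on") and value and WINDOW_CALL.search(value):
                self.findings.append((line, tag, name, value))


def scan_html(text):
    """Return (line, tag, attribute, handler) for each suspicious handler."""
    scanner = HandlerScanner()
    scanner.feed(text)
    scanner.close()
    return scanner.findings


# Constructed sample input: two handlers that should be flagged, two benign.
SAMPLE = """<html>
<body onLoad="window()">
<img src="a.png" onerror="window&#40;)">
<a href="#" onclick="window.open('/help')">help</a>
<div onload="mywindow()"></div>
</body></html>"""

if __name__ == "__main__":
    for line, tag, attr, handler in scan_html(SAMPLE):
        print(f"line {line}: <{tag}> {attr}={handler!r}")
```

The scanner only inspects inline handler attributes; handlers assigned from script blocks or external files need separate inspection.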